Skip to Main Content
Forums

Java EE (Java Enterprise Edition) General Discussion

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

JSF invalidate session from backing bean NOT WORKING

843844Aug 2 2007 — edited Aug 6 2007
I have a logout button. When I click it, the backing bean fires properly, and properly redirects me back to my app's home page.

However, at that point, I am still logged in, and can access the protected resources without re-authenticating. It is as if the session.invalidate() method never does anything!

The button:
<h:form>
<h:commandButton value="logout" action="#{rfcHandler.logout}"></h:commandButton>
</h:form>


the backingBean:
public String logout() {
HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
HttpSession session = request.getSession(false);
session.invalidate();
return "success";
}



i've tried this with getSession(true), I've tried deleting all client-side cookies to force the client to forget who it is. If you have any ideas, thank you.
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Sep 3 2007
Added on Aug 2 2007
#javaserver-faces
7 comments
322 views